Try our new research platform with insights from 80,000+ expert users

Rapid7 InsightVM vs Recorded Future comparison

The compared Rapid7 and Recorded Future solutions aren't in the same category. Rapid7 is ranked #4 in RBVM , with an average rating of 8.1, and holds a 19.4% mindshare in the category. Recorded Future is ranked #1 in TIPT , with an average rating of 8.3, and holds a 24.0% mindshare. Additionally, 88% of Rapid7 users are willing to recommend the solution, compared to 100% of Recorded Future users who would recommend it.
Rapid7 InsightVM
Read 61 Rapid7 InsightVM reviews
  • 5,237 Views
  • 3,500 Comparison Views
88% willing to recommend
Recorded Future
Read 12 Recorded Future reviews
  • 6,368 Views
  • 3,534 Comparison Views
100% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive Summary
We performed a comparison between Rapid7 InsightVM and Recorded Future based on real PeerSpot user reviews.

Find out what your peers are saying about Tenable, Qualys, Rapid7 and others in Risk-Based Vulnerability Management.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Risk-Based Vulnerability Management Report (Updated: December 2024).
Buyer's Guide
Risk-Based Vulnerability Management
December 2024
Download the complete report
Helped 825,399 peers since 2012
 

Categories and Ranking

Rapid7 InsightVM
Average Rating
8.0
Reviews Sentiment
7.0
Number of Reviews
61
Ranking in other categories
Risk-Based Vulnerability Management (4th)
Recorded Future
Average Rating
8.4
Reviews Sentiment
6.2
Number of Reviews
12
Ranking in other categories
Threat Intelligence Platforms (1st), Digital Risk Protection (1st)
 

Mindshare comparison

While both are Security Software solutions, they serve different purposes. Rapid7 InsightVM is designed for Risk-Based Vulnerability Management and holds a mindshare of 19.4%, up 15.0% compared to last year.
Recorded Future, on the other hand, focuses on Threat Intelligence Platforms, holds 24.0% mindshare, up 18.2% since last year.
Risk-Based Vulnerability Management
Threat Intelligence Platforms
 

Featured Reviews

Shakeel Ahmad - PeerSpot reviewer
Brilliant audit report and scorecard but scans often get blocked by firewalls
The solution cannot scan third-party tools that have firewalls within them. The firewalls detect and block the solution. Conversely, Nexus is able to bypass firewalls because it has low detectability. We use Nexus when the solution cannot bypass a firewall. The solution can scan 60% of the time but Nexus can scan 90% of the time. The solution needs to improve its vulnerability design to include CVC results. Nexus has a good, long range and a good database for finding CVC numbers. We need this level of security detail but the solution does not seem to provide it.
Read full review
Dr. Merrick Watchorn - PeerSpot reviewer
Traceless online searches, stable, and scalable
There is a semantic oncology dynamic relationship between how the MIGR Tech framework needs more data infusion enrichment capabilities. To be clear, what the vendor is doing is of a high standard, and my only critique is that they need to make new enhancements. I am aware that the vendor is making a concerted effort to add additional information to their repository, and it is something they actively do. The vendor has publicly stated that they will work on this, and I always pay attention to make sure they adhere to that. This does not change over time. The export feature of the recording needs to stop being so restricted. When they record in order to save themselves by operations, I would expect that as a super user, if I asked to download the dataset I'm looking for, I would not be limited in my data downloads. One of the cool things is, let's say we do our entire research and we want to save all of the materials that were returned, and that special custom search that we made, we can export that into a CSV file. The problem is it gets restricted. So sometimes when I say it's restricted, we don't get all the data that we saw online. So then we have to go and manually search for the specific thing we're looking for. I would like to have the URI and whatever value set that I search off, and for the NLP package to not be stripped out. It's like saying I want to do a Pcap analysis. Don't strip out the Pcap when I asked to see Pcap. That's what they're doing. They do this for many different reasons. One of them is, imagine if everyone downloaded datasets that are very large and it brings the whole system down.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"InsightVM has a very organized GUI with ease of use."
"most valuable features of Rapid7 InsightVM for me are creating dynamic asset tags, generating reports, and deploying the agent. The agent scans assets every four hours, providing real-time data on any devices. Although there weren't any significant new features compared to our previous tool, having both SIEM and vulnerability management handled by one tool made things easier. We could gather logs from different devices and cloud sources, and perform detailed investigations without switching tools. I haven't worked with the automation capabilities of InsightVM. For remediation prioritization, we check the vulnerability, search for solutions on open platforms, and work with different teams to apply patches after proper testing. Currently, we don’t have any AI or ASM projects assisted by InsightVM"
"InsightVM's most valuable feature is risk scoring, a formula based on different vectors like the ease of exploitation and the availability of the machine."
"The cost is what is most valuable. Compared to the other products on the market, the cost is more palatable."
"The most valuable feature for us is the different types of reporting it provides."
"The solution scales well."
"The product's initial setup phase was very easy."
"Has great reporting features."
More Rapid7 InsightVM pros
"The most valuable feature of Recorded Future is how it detects everything regarding our domain."
"It can collect data from various sources, including social media and the dark web."
"The intel that they were providing us over the emails was very good. If it found any hashtag in our organization's name on the dark web, a rogue IP, or a marketplace, it would send us an email and notify us that this is being mentioned, and if we want, they can take some action."
"Recorded Future has some important strengths. It has a long history of success in the market and is known for excellent threat intelligence. Its team is skilled at using AI to search for and report on threats. For many years, it was seen as the best in the industry."
"As a threat intelligence tool, it's very helpful."
"The most valuable feature is Recorded Future's protection of exposed customer data on the hardware side."
"The tool can integrate with a lot of security control and proactive protection devices."
"From the feedback I've received from my clients, the most valuable feature is the ability to personalize the solution. The ability to have a customized dashboard makes it easy for leadership and management to obtain details. Intelligence analysts or security engineers care about the actions and results, whereas the leadership care about graphs and reports. Recorded Future helps my clients create reports and also determine how the intelligence that is generated is consumed. They can easily show the benefits to the leadership without them having to invest 10 hours a week into transferring numbers into a graph or into creating reports."
More Recorded Future pros
 

Cons

"The product does not have the capability to do dynamic scanning of non-web applications."
"The solution should include a tighter integration with third-party threat modeling and threat intelligence tools."
"We'd like the agent to cover more compliance issues."
"They should integrate the solution with multiple products."
"Patch management is the only missing feature I can think of. Rapid7 detects vulnerabilities, but it should also help you manage patches."
"Technical support does not respond quickly."
"We have some issues with how it scans patches."
"The integration with other solutions like JIRA could be better. Perhaps there could be some additional updates in the next phase that could integrate with it, so then you can proceed with the VT much easier."
More Rapid7 InsightVM cons
"The solution would benefit from introducing automation."
"Lacks sufficient visibility of malware and international APT attacks."
"It sometimes detects false positives and reduces the overall accuracy of the system."
"The product gives many false positives. If someone talks about the brand or organization name in the public domain over chats or blocks, it gets highlighted. It may not necessarily be a threat but still gets highlighted which increases the false positive count."
"The solution could improve in reducing the false positives. However, most of the other tools on the market have false positives. If they enhance their data algorithm, it could improve the accuracy of results and minimize false positives. Identifying patterns of false possibilities can aid in developing better reporting features that could potentially eliminate them in the future. This recording feature tool could benefit from adopting similar techniques utilized by other tools to enhance its functionality. By doing so, it could minimize the need for manual efforts in distinguishing true positives from false positives, ultimately reducing the workload."
"At present, my clients need to be trained by me or another organization on how to use Recorded Future and how to get the best out of it as an analyst, engineer, and administrator. It would be better if clients could directly learn these things without having to go through me or other organizations."
"While I don't think the tool is weak, its position isn't as dominant as it once was. Other companies like CrowdStrike and Mandiant are now challenging them in many areas. One downside is that Recorded Future can be complex for customers to use and understand. This isn't easy for clients to navigate."
"Recorded Future is a very expensive solution, and its pricing could be improved."
More Recorded Future cons
 

Pricing and Cost Advice

"Our licensing costs are somewhere around $40,000 annually. There are no additional fees."
"The license is annual and this is the optimal approach when it comes to most software."
"It is less expensive compared to other competitors."
"A full license for the solution is expensive because it is at the organizational level and not by individual users."
"The tool's price is neither too high nor too low. My company needs to pay 65,000 per year. There are no additional costs apart from the licensing fees attached to the solution."
"I do not have experience with the pricing of the solution."
"The license is IP based. How many IPs you are using to scan is the amount of the license you have to buy. The number of users doesn't matter; many users can use it or only person. It depends on the culture of the organization."
"The product is cheaper than the other similar tools available in the market."
More Rapid7 InsightVM pricing and cost advice
"There appear to be up to five different levels, with the most expensive version costing around $95,000 to $105,000 a year for subscription services."
"The biggest disadvantage of Recorded Future is the cost here in Eastern Europe. The solution is correctly priced for big companies who have the money to invest in such solutions. Also, the solution is useless on its own, which means that you have to invest in other solutions with which Recorded Future can be integrated. At present, Recorded Future can cost 60,000 euros per year. I am able to offer my clients a 5% to 10% discount, but in this region, the cost is still prohibitive even with the discount. If Recorded Future were more flexible in terms of price, there would be better sales opportunities in Europe and Eastern Europe, in particular, because we have more small- and medium-sized companies here."
"I would rate the solution’s pricing a seven out of ten."
"The price of the solution is worth it. The overall performance of the solution outweighs the cost."
report
See which vendors are best for you
Use our free recommendation engine to learn which Risk-Based Vulnerability Management solutions are best for your needs.
See recommendations
825,399 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Educational Organization
41%
Computer Software Company
10%
Financial Services Firm
7%
Manufacturing Company
6%
Computer Software Company
16%
Financial Services Firm
15%
Government
8%
Manufacturing Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

How would you choose between Rapid7 InsightVM and Tenable Nessus?
You have full visibility across cloud, network, virtual, and containerized infrastructures with Rapid7 Insight VM. You can easily prioritize vulnerabilities using attacker analytics. Overall, Rapid...
See all answers
What do you like most about Rapid7 InsightVM?
The product's initial setup phase was very easy.
See all answers
What is your experience regarding pricing and costs for Rapid7 InsightVM?
Rapid7 InsightVM is expensive, possibly one of the highest in pricing among similar products.
See all answers
What do you like most about Recorded Future?
The most valuable feature of Recorded Future is how it detects everything regarding our domain.
See all answers
What is your experience regarding pricing and costs for Recorded Future?
The price of the solution is worth it. The overall performance of the solution outweighs the cost.
See all answers
What needs improvement with Recorded Future?
Recorded Future depends on or relies on just the deep and dark web analysis through their quantum computing and algorithms. Sometimes, the feed is not accurate or valuable. Other threat intelligenc...
See all answers
 

Comparisons

Tenable Nessus vs Rapid7 InsightVM Logo
Tenable Nessus vs Rapid7 InsightVM
Compared 21% of the time
Qualys VMDR vs Rapid7 InsightVM Logo
Qualys VMDR vs Rapid7 InsightVM
Compared 18% of the time
Tenable Security Center vs Rapid7 InsightVM Logo
Tenable Security Center vs Rapid7 InsightVM
Compared 12% of the time
Microsoft Defender Vulnerability Management vs Rapid7 InsightVM Logo
Microsoft Defender Vulnerability Management vs Rapid7 InsightVM
Compared 8% of the time
Rapid7 Metasploit vs Rapid7 InsightVM Logo
Rapid7 Metasploit vs Rapid7 InsightVM
Compared 1% of the time
More Rapid7 InsightVM Competitors
CrowdStrike Falcon vs Recorded Future Logo
CrowdStrike Falcon vs Recorded Future
Compared 14% of the time
Intel 471 vs Recorded Future Logo
Intel 471 vs Recorded Future
Compared 9% of the time
ZeroFOX vs Recorded Future Logo
ZeroFOX vs Recorded Future
Compared 8% of the time
Digital Shadows vs Recorded Future Logo
Digital Shadows vs Recorded Future
Compared 7% of the time
CloudSEK XVigil vs Recorded Future Logo
CloudSEK XVigil vs Recorded Future
Compared 2% of the time
More Recorded Future Competitors
 

Product Reports

Buyer's Guide
Rapid7 InsightVM
December 2024
Rapid7 InsightVM reportDownload Rapid7 InsightVM product report
Buyer's Guide
Recorded Future
December 2024
Recorded Future reportDownload Recorded Future product report
 

Also Known As

InsightVM, NeXpose
No data available
 

Learn More

Rapid7
Recorded Future
 

Overview

Rapid7 InsightVM is a comprehensive vulnerability management platform that protects your systems from attackers and is easy to scale. The solution provides easy access to vulnerability management, application security, detection and response, external threat intelligence, orchestration and automation, and more. Rapid7 InsightVM is ideal for security, IT, and DevOps teams, helping them reduce risk by enabling them to detect and respond to attacks quickly.

Rapid7 InsightVM Features

Rapid7 InsightVM has many valuable key features. Some of the most useful ones include:

  • Automated containment: With this feature, you can decrease exposure from vulnerabilities by automatically implementing temporary (or permanent) compensating controls via your network access control (NAC) systems, firewalls, and endpoint detection and response tools.
  • Policy assessment: Rapid7 InsightVM offers pre-built scan templates for common compliance requirements. The solution helps you take clear, actionable steps to compliance once you have assessed your risk posture. In addition, Rapid7 InsightVM’s Custom Policy Builder allows you to modify existing benchmarks or create new policies from scratch.
  • REST API: Rapid7 InsightVM REST API is easy to use and was built to easily automate virtually any aspect of vulnerability management, from data collection to risk analysis.
  • Live dashboards: Rapid7 InsightVM includes dashboards that are live and interactive by nature. The live dashboards enable you to create custom cards and full dashboards for anyone in your organization and allow you to track progress of your security program.
  • Automation-assisted patching: Rapid7 InsightVM’s automation-assisted patching gives you the autonomy to make key decisions in your patching process, such as your approval to apply certain patches to certain vulnerabilities.
  • Real risk prioritization: Rapid7 InsightVM makes it simple to know which vulnerabilities need to be prioritized and where your riskiest assets lie.
  • Goals and SLA’s: This feature enables you to make and track progress toward your goals and service level agreements (SLAs) at an appropriate pace.

Rapid7 InsightVM Benefits

There are many benefits to implementing Rapid7 InsightVM. Some of the biggest advantages the solution offers include:

  • Attack surface monitoring for maintained visibility: By leveraging attack surface monitoring with Project Sonar (a Rapid7 research project that regularly scans the internet to gain insights into global exposure to common vulnerabilities), you can gain more control of all of your external-facing assets, both known and unknown.
  • Container security: Rapid7 InsightVM integrates with your CI/CD tools, public container repositories, and private repositories to assess container images for vulnerabilities during the build process even before they are deployed.
  • Lightweight endpoint agent: Rapid7 InsightVM unifies data so you only need to install a single agent for continuous vulnerability assessment, incident detection, and log data collection.
  • Easily assign and track remediation duties: Using Rapid7 InsightVM, IT and security teams can assign as well as track remediation duties without having to deal with remediation reports, complex spreadsheets, or back-and-forth email tags.
  • Integration with cloud services and virtual infrastructure: Rapid7 InsightVM provides full visibility into risk across your physical, virtual, and cloud infrastructure.
  • Integrated threat feeds: Rapid7 InsightVM is designed with integrated threat feeds, giving you a dynamic view that shows you which threats are most relevant to your environment, enabling you to better protect against current, impending threats so you can react quickly to critical vulnerabilities.

Reviews from Real Users

Below are some reviews and helpful feedback written by PeerSpot users currently using the Rapid7 InsightVM solution.

An owner at a tech services company says, "I liked the dashboard on it. I could customize my dashboard with different widgets and different heat maps."

PeerSpot user Kimeang S., Technical Consultant at Yip Intsoi, mentions, "The most important aspect of the solution is that it rarely gives false positives, especially compared to other products. It provides very clear reports for our IT teams to look at."

A Director of Information Technology at a government explains, "The main functionality of identifying item endpoints that weren't properly patched or had vulnerabilities is the solution's most valuable feature."

Recorded Future is a powerful and effective cyber threat intelligence (CTI) platform that aims to empower administrators to protect their organizations from threats, both known and unknown. The machine learning engine that Recorded Future utilizes can process the same amount of data that 9,000 analysts working five days a week, eight hours a day for an entire year can process. It simplifies threat detection and remediation so that organizations can focus on other tasks.

Recorded Future Benefits

Some of the ways that organizations can benefit by choosing to deploy Recorded Future include:

  • Quick threat identification and resolution. The suite of threat detection and resolution features that Recorded Future provides enables users to find and react to threats faster than users who employ their competitors. Organizations can identify 22 times more threats 10 times faster than they would have been able to with any other solution. They can also resolve these threats 63% faster than they were able to before.
  • Access far-reaching deep insights. Recorded Future gives users the ability to expand their vision beyond that which is immediately visible to them. They can set Recorded Future to detect issues that originate outside of the immediate vicinity of their network. Organizations can utilize machine learning to analyze for links between themselves and the dark web. This provides users insights as to what their vulnerabilities are and gives them insights that they can use to remediate any issues that have arisen or will arise.
  • Customization. Organizations can integrate Recorded Future with a wide variety of other security tools. If the organization feels that Recorded Future is lacking the capability that they need, then it can expand its toolbox by combining it with other solutions. Additionally, users can easily create dashboards and modify them to best meet their objectives as their needs change.

Recorded Future Features

Some of the many features Recorded Future offers include:

  • Vulnerability scanning tools. Recorded Future is built with the ability to scan for, identify, and score potential vulnerabilities in real time. It searches a wide variety of sources for information on the risks that an organization faces. This information is analyzed and scored for severity in real time. These tools enable users to prioritize the most severe threats over those issues that will only be nuisances.
  • Threat authentication. Users can set security protocols that Recorded Future leverages to reduce false positives. It has tools that compare the detected threats against the organization’s protocols. This allows the system to notify administrators whether they are looking at an actual threat or simply a mistake that the system initially misidentified.
  • Attack surface intelligence. Organizations gain the ability to see the points of vulnerability that would normally be invisible to them and would only be visible to outside attackers. This tool fully exposes the environment that surrounds their network. Everything from historical data going as far back as 10 years to real-time information is gathered so that administrators can create the best possible security strategy for their organization.

Reviews from Real Users

Recorded future is a solution that stands out when compared to its top competitors. Two major advantages it offers are the threat research tools that it provides and the threat monitoring capabilities that it enables users to leverage.

A security operations lead at a comms service provider writes, “Recorded Future covers a lot of different use cases. For example, we are using it for threat intelligence research. We do use the tool to make active research on what is found around the threat. We look at patterns, for example, and see what can be elaborated on from that.”

They also write, “We can also use it for active monitoring in the customer interface. We can monitor the business side of a campaign. We can monitor for specific threats or market activity on the dashboard. We can develop queries to run in a continuous mode in order to get the best reviews.”

 

Sample Customers

ACS, Acosta, AllianceData, amazon.com, biogen idec, CBRE, CATERPILLAR, Deloitte, COACH, GameStop, IBM
Fujitsu, Regions, SITA, St. Jude Medical, Accenture, T-Mobile, TIAA, Intel Security, Armor, Alert Logic, NTT, Splunk
Buyer's Guide
Risk-Based Vulnerability Management
December 2024
Download Free Report
Find out what your peers are saying about Tenable, Qualys, Rapid7 and others in Risk-Based Vulnerability Management. Updated: December 2024.
DOWNLOAD NOW
825,399 professionals have used our research since 2012.

We monitor all Risk-Based Vulnerability Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.